//
// SPDX-FileCopyrightText: 2003-2019 Christopher M. Kohlhoff (chris at kohlhoff dot com)
//
// SPDX-License-Identifier: BSL-1.0
//
// SPDX-FileContributor: 2021-2022 Espressif Systems (Shanghai) CO LTD
//

#include "asio/detail/config.hpp"
#include "openssl_stub.hpp"
#include "asio/detail/throw_error.hpp"
#include "asio/error.hpp"
#include "asio/ssl/detail/engine.hpp"
#include "asio/ssl/error.hpp"
#include "asio/ssl/verify_context.hpp"
#include "mbedtls_context.hpp"
#include "mbedtls_bio.hpp"
#include "mbedtls_error.hpp"
#include "mbedtls_engine.hpp"


namespace asio {
namespace ssl {
namespace detail {


engine::engine(SSL_CTX *context)
    : ssl_(nullptr)
{
    ssl_ = mbedtls::create<mbedtls::engine>("mbedtls-engine", context->get());
}

engine::~engine()
{
    delete ssl_;
}

SSL *engine::native_handle()
{
    return ssl_;
}

asio::error_code engine::set_verify_mode(
    verify_mode v, asio::error_code &ec)
{
    ssl_->set_verify_mode(v);
    return {};
}

engine::want engine::handshake(
    stream_base::handshake_type type, asio::error_code &ec)
{
    return perform((type == asio::ssl::stream_base::client)
                   ? &engine::do_connect : &engine::do_accept, 0, 0, ec, 0);
}

engine::want engine::shutdown(asio::error_code &ec)
{
    return perform(&engine::do_shutdown, 0, 0, ec, 0);
}

engine::want engine::write(const asio::const_buffer &data,
                           asio::error_code &ec, std::size_t &bytes_transferred)
{
    if (data.size() == 0) {
        ec = asio::error_code();
        return engine::want_nothing;
    }

    return perform(&engine::do_write,
                   const_cast<void *>(data.data()),
                   data.size(), ec, &bytes_transferred);
}

engine::want engine::read(const asio::mutable_buffer &data,
                          asio::error_code &ec, std::size_t &bytes_transferred)
{
    if (data.size() == 0) {
        ec = asio::error_code();
        return engine::want_nothing;
    }

    return perform(&engine::do_read, data.data(),
                   data.size(), ec, &bytes_transferred);
}

asio::mutable_buffer engine::get_output(
    const asio::mutable_buffer &data)
{
    int length = ssl_->ext_bio()->read(data.data(), static_cast<int>(data.size()));

    return asio::buffer(data,
                        length > 0 ? static_cast<std::size_t>(length) : 0);
}

asio::const_buffer engine::put_input(
    const asio::const_buffer &data)
{
    int length = ssl_->ext_bio()->write(data.data(), static_cast<int>(data.size()));

    return asio::buffer(data +
                        (length > 0 ? static_cast<std::size_t>(length) : 0));
}

const asio::error_code &engine::map_error_code(
    asio::error_code &ec) const
{
    // We only want to map the error::eof code.
    if (ec != asio::error::eof) {
        return ec;
    }

    // If there's data yet to be read, it's an error.
    if (ssl_->ext_bio()->wpending()) {
        ec = asio::ssl::error::stream_truncated;
        return ec;
    }

    // Otherwise, the peer should have negotiated a proper shutdown.
    if (ssl_->shutdown() != 0) {
        ec = asio::ssl::error::stream_truncated;
    }

    return ec;
}

// This is a simplified implementation of a generic ssl io operation
// original implementation using openssl's SSL object is in asio/include/asio/ssl/detail/impl/engine.ipp
engine::want engine::perform(int (engine::* op)(void *, std::size_t),
                             void *data, std::size_t length, asio::error_code &ec,
                             std::size_t *bytes_transferred)
{
    std::size_t pending_output_before = ssl_->ext_bio()->ctrl_pending();
    int result = (this->*op)(data, length);

    std::size_t pending_output_after = ssl_->ext_bio()->ctrl_pending();

    if (mbedtls::error_codes::is_error(result)) {
        ec = asio::error_code(result, asio::error::get_mbedtls_category());
        return pending_output_after > pending_output_before ? want_output : want_nothing;
    }

    if (result == 0) {
        return pending_output_after > pending_output_before
               ? want_output : want_nothing;
    }

    if (result > 0 && bytes_transferred) {
        *bytes_transferred = static_cast<std::size_t>(result);
    }

    if (mbedtls::error_codes::want_write(result)) {
        ec = asio::error_code();
        return want_output_and_retry;
    } else if (pending_output_after > pending_output_before) {
        ec = asio::error_code();
        return result > 0 ? want_output : want_output_and_retry;
    } else if (mbedtls::error_codes::want_read(result)) {
        ec = asio::error_code();
        return want_input_and_retry;
    } else if (ssl_->get_state() == mbedtls::CLOSED) {
        ec = asio::error::eof;
        return want_nothing;
    }

    ec = asio::error_code();
    return want_nothing;
}

int engine::do_accept(void *, std::size_t)
{
    return ssl_->accept();
}

int engine::do_connect(void *, std::size_t)
{
    return ssl_->connect();
}

int engine::do_shutdown(void *, std::size_t)
{
    return ssl_->shutdown();
}

int engine::do_read(void *data, std::size_t length)
{
    return ssl_->read(data, length < INT_MAX ? static_cast<int>(length) : INT_MAX);
}

int engine::do_write(void *data, std::size_t length)
{
    return ssl_->write(data, length < INT_MAX ? static_cast<int>(length) : INT_MAX);
}

} // namespace detail
} // namespace ssl
} // namespace asio
